在基本行動及安全性中清除行動裝置Wipe a mobile device in Basic Mobility and Security

您可以使用內建的基本行動性和安全性 Microsoft 365,只移除組織資訊,或執行出廠重設以刪除行動裝置中的所有資訊,並將其還原為出廠設定。You can use built-in Basic Mobility and Security for Microsoft 365 to remove only organizational information, or to perform a factory reset to delete all information from a mobile device and restore it to factory settings.

開始之前Before you begin

行動裝置可以儲存敏感組織資訊,並提供組織 Microsoft 365 資源的存取權。Mobile devices can store sensitive organizational information and provide access to your organization's Microsoft 365 resources. 為了協助保護您組織的資訊,您可以進行原始重設或移除公司資料:To help protect your organization's information, you can do Factory reset or Remove company data:

  • 恢復出廠設定:刪除使用者行動裝置上的所有資料,包括已安裝的應用程式、相片和個人資訊。Factory reset: Deletes all data on a user's mobile device, including installed applications, photos, and personal information. 當清除完成時,裝置會還原為其出廠設定。When the wipe is complete, the device is restored to its factory settings.

  • 移除公司資料:移除組織中的資料,並在使用者的行動裝置上保留已安裝的應用程式、相片和個人資訊。Remove company data: Removes only organization data and leaves installed applications, photos, and personal information on a user's mobile device.

  • 在擦除裝置時 (出廠重設或移除公司資料) 中,裝置會從受管理的裝置清單中移除。When a device is wiped (Factory Reset or Remove Company Data), the device is removed from the list of managed devices.

  • 自動重設裝置:您可以設定基本行動性和安全性原則,當使用者未成功輸入裝置密碼的特定次數時,自動將裝置重設為自動出廠設定。Automatically reset a device: You can set up a Basic Mobility and Security policy that automatically factory resets a device after the user unsuccessfully tries to enter the device password a specific number of times. 若要這麼做,請遵循以 基本行動性和安全性建立裝置安全性原則中的步驟。To do this, follow the steps in Create device security policies in basic mobility and security.

  • 如果您想要知道 您在擦除其裝置時的使用者體驗,請參閱   使用者和裝置影響的情況為何?If you want to know the user experience when you wipe their device, see  What's the user and device impact?.

清除行動裝置Wipe a mobile device

  1. 移至 Microsoft 365 系統管理中心Go to the Microsoft 365 admin center.

  2. 在 [搜尋] 欄位中輸入行動裝置管理,並從結果清單中選取 [行動 裝置管理 ]。Type Mobile Device Management into the search field, and select Mobile Device Management from the list of results.

    基本行動裝置和 Secruity 行動裝置管理選項

  3. 選取 [ 管理裝置]。Select Manage devices.

  4. 選取您要抹除的裝置。Select the device you want to wipe.

  5. 選取 [ 管理]。Select Manage.

  6. 選取您要執行的遠端抹除類型。Select the type of remote wipe you want to do.

    • 若要執行完整清除並將裝置還原至其出廠設定,請選取 [ 原廠重設]。To do a full wipe and restore the device to its factory settings, select Factory reset.
    • 若要進行選擇性清除並只刪除 Microsoft 365 的組織資訊,請選取 [移除公司資料]。To do a selective wipe and delete only Microsoft 365 organization information, select Remove company data.
    • 若要從組織中移除裝置,請選取 [ 移除裝置]。To remove the device from your organization, select Remove device.
  7. 選取 [是] 加以確認。Select Yes to confirm.

如何知道這是否正常運作?How do I know it worked?

您不再在受管理的裝置清單中看到行動裝置。You no longer see the mobile device in the list of managed devices.

為何要清除裝置?Why would you want to wipe a device?

請清除裝置,原因如下:Wipe a device for these reasons:

  • 行動裝置(例如 smartphone 和平板電腦)現在已經變得完全齊全。Mobile devices like smartphones and tablets are becoming more full-featured all the time. 這表示您的使用者更容易儲存敏感的公司資訊,例如個人身分識別或機密通訊,並可在旅途中存取。This means it’s easier for your users to store sensitive corporate information such as personal identification or confidential communications and access it on the go. 如果其中一位行動裝置遺失或被盜,擦除裝置可協助避免您的組織的資訊在錯誤的手中結束。If one of these mobile devices is lost or stolen, wiping the device can help prevent your organization’s information from ending up in the wrong hands.
  • 當使用者使用已註冊基本行動性和安全性的個人裝置離開組織時,您可以執行出廠重設,以防止組織資訊與該使用者互動。When a user leaves the organization with a personal device that is enrolled in Basic Mobility and Security, you can help prevent organizational information from going with that user by performing a factory reset.
  • 如果您的組織為使用者提供行動裝置,您可能需要重新指派裝置的時間。If your organization provides mobile devices to users, you might need to reassign devices from time to time. 在裝置上進行原廠重設,將其指派給新的使用者,有助於確保刪除先前擁有者的任何機密資訊。Doing a Factory Reset on a device before assigning it to a new user helps ensures that any sensitive information from the previous owner is deleted.

使用者和裝置影響為何?What's the user and device impact?

擦除會立即傳送給行動裝置,而且裝置會在 Azure active directory 中標示為不相容。The wipe is sent immediately to the mobile device and the device is marked as not compliant in Azure active directory. 當裝置重設為出廠預設值時,會移除所有資料,下表會說明當您移除公司資料時,裝置會移除每種裝置類型的內容。While all data is removed when a device is reset to factory defaults, the following table describes what content is removed for each device type when a device when you remove company data.

內容影響Content impact iOS 10 和更新版本iOS 10 and later Android 5 及更新版本Android 5 and later
如果裝置受到 Intune 應用程式保護原則保護,就會清除 Microsoft 365 應用程式資料。Microsoft 365 app data is wiped if the device is protected by Intune App Protection policies. 未移除應用程式。The apps aren't removed. 對於不是由行動應用程式管理 (MAM) 原則保護的裝置,Outlook 和 OneDrive 不會移除快取的資料。For devices not protected by Mobile Application Management (MAM) policies, Outlook and OneDrive won't remove cached data.
記事 若要套用 Intune 應用程式保護原則,您必須要有 Intune 授權。Note For applying Intune App protection policies you must have an Intune license.
Yes Yes
已不再執行基本行動性和裝置安全性所套用的原則設定;使用者可以變更設定。Policy settings applied by Basic Mobility and Security to devices are no longer enforced; users can change the settings. Yes Yes
已移除基本行動性和安全性所建立的電子郵件設定檔,並刪除裝置上的快取電子郵件。Email profiles created by Basic Mobility and Security are removed and cached email on the device is deleted. Yes 不適用N/A

注意

公司入口網站應用程式可在應用程式存放區取得,以供 iOS 和 Android 裝置的播放存放區使用。Company Portal app is available at the App Store for iOS and the Play Store for Android devices.